Donlakarn Premthong
Bangkok,Thailand
Summary
A penetration tester with 7 years of broad and diversified experience in the field of information security, security research, penetration testing and cyber-investigations.
Overview
7
7
years of professional experience
1
1
Certification
Work History
Senior Penetration Tester
Central Retail Corporation Public Company Limited
Bangkok, Thailand
04.2023 - Current
- Conducted manual and automated vulnerability assessments using industry standard tools.
- Performed network, application, system and mobile penetration testing across company's product suite.
- Participated in regular internal audits for identifying areas that need improvement or require additional controls.
- Provided technical guidance to development teams during the software development life cycle.
- Introduced process efficiencies into existing methodologies and recommended improvements to testing workflows.
- Communicated findings and strategy to stakeholders, technical staff and executive leadership.
Penetration Tester Team Lead
Reconix Pty Ltd
Perth
04.2022 - 01.2023
- Conducted security assessment for clients, including network and application penetration testing to identify vulnerabilities and recommend remediation steps.
- Maintained up-to-date knowledge of industry standards, such as OWASP, to ensure best practices were followed during testing engagements.
- Consulted with customers on how to improve security posture and delivered follow-up support during implementation.
- Directed teams of security professionals to deliver security consultancy for clients.
Senior Consultant
Satalyst Pty Ltd
Perth
03.2021 - 03.2022
- Led and provided quality assurance for technical engagements including Red Team Assessments, Penetration Testing, Application Security Assessments.
- Provided subject matter expert level input into Cyber Security Advisory engagements such as secure architecture assessments.
- Provided input into the development and training plan for the team as well as providing on the job training to juniors.
- Represented Satalyst's Cyber Defence capabilities in the industry as a subject matter expert.
Application Security Engineer
aCommerce Co., Ltd
Bangkok
05.2020 - 03.2021
- Performed penetration testing on internal and external applications.
- Developed secure coding guidelines.
- Delivered web application security training to developers.
- Acted as a security subject matter expert, providing prompt responses to internal security engineering inquiries and requests.
Senior Consultant, Advisory Services
KPMG Phoomchai Business Advisory Ltd.
Bangkok
12.2016 - 04.2020
- Performed vulnerability assessment and reviewed information security management for the client in various industry.
- Performed network infrastructure penetration testing including system and network devices. The majority of systems that I have tested related to the financial industry such as top three banks in Thailand.
- Performed web application penetration testing follow OWASP testing guide.
- Conducted mobile application penetration testing over 30 applications both Android and iOS.
- Performed penetration testing on Point-of Sale Systems and network infrastructure for a major petrochemical company.
- Performed penetration testing on ATM systems including physical and logical security assessment for a major bank in Thailand.
- Collaborated with a team to conduct the KPMG Cyber Security Challenge 2018 (CTF) which was held in Thailand (Prelimination round) and Malaysia (Final round).
Education
Bachelor of Science - Information Technology For Business
Chulalongkorn University
Bangkok06.2015
Affiliations
Thailand Network Security Contest 2016
- Honorable Mention Award, the competition was to complete vulnerability assessment and penetration testing solution including achieving new vulnerability analysis and preventing penetration testing solutions.
CAT Cyfense
- Finalist, the task was to investigate and conduct digital forensic the Cyber World Tower, BKK.
Certification
- CISSP – Certified Information Systems Security Professional
- OSCP – Offensive Security Certified Professional
- CCSK - Certificate of Cloud Security Knowledge
- eMAPT – eLearnSecurity Mobile Application Penetration Tester
- CC – Certified in Cybersecurity
- CEH – Certified Ethical Hacker
- MS-500 – Microsoft 365 Certified: Security Administrator Associate
- AZ-500 – Microsoft Certified: Azure Security Engineer Associate
- SC-200 – Microsoft Certified: Microsoft Security Operations Analyst
Timeline
Senior Penetration Tester
Central Retail Corporation Public Company Limited
04.2023 - Current
Penetration Tester Team Lead
Reconix Pty Ltd
04.2022 - 01.2023
Senior Consultant
Satalyst Pty Ltd
03.2021 - 03.2022
Application Security Engineer
aCommerce Co., Ltd
05.2020 - 03.2021
Senior Consultant, Advisory Services
KPMG Phoomchai Business Advisory Ltd.
12.2016 - 04.2020
Bachelor of Science - Information Technology For Business
Chulalongkorn University
- CISSP – Certified Information Systems Security Professional
- OSCP – Offensive Security Certified Professional
- CCSK - Certificate of Cloud Security Knowledge
- eMAPT – eLearnSecurity Mobile Application Penetration Tester
- CC – Certified in Cybersecurity
- CEH – Certified Ethical Hacker
- MS-500 – Microsoft 365 Certified: Security Administrator Associate
- AZ-500 – Microsoft Certified: Azure Security Engineer Associate
- SC-200 – Microsoft Certified: Microsoft Security Operations Analyst
Similar Profiles
Nichapawi KhotsriwongNichapawi Khotsriwong
DATA PRIVACY SPECIALIST at Central Retail Corporation Public Company LimitedDATA PRIVACY SPECIALIST at Central Retail Corporation Public Company Limited
Rossukol (Joy) RergsomranRossukol (Joy) Rergsomran
Buying Director - Alcohol & Tobacco at Central Food Retail Company LimitedBuying Director - Alcohol & Tobacco at Central Food Retail Company Limited
BOONRASRI KIRDCHOKBOONRASRI KIRDCHOK
Lawyer at PTT Oil and Retail Business Public Company LimitedLawyer at PTT Oil and Retail Business Public Company Limited